| ||
We should emphasize that VoIP eavesdropping attacks require significant access to the network. Obviously if an attacker has access to your network to the extent required, you've got bigger problems on your hands than just your VoIP security being compromised.
In order to fully secure the confidentiality and privacy of VoIP, fairly significant configuration and architecture design work needs to take place to support the encryption schemes of choice. Many times, it doesn't make sense to encrypt the entire VoIP session (signaling and media) from end-to-end, but rather only over untrusted portions of the network and Internet.